<?php

/** 
* 
* 
* by:南宁火蝶科技有限公司 http:///www.HdsysCms.com
* 声明:本系统禁止用二次开发、侵犯HdsysCms著作和除去HdsysCms进行售卖,如发现将追究一切权利,模版制作属于自己所得可以通过本系统对外开发模版获取收益!
* 
* 2019年第一版本发布 - 到2023.9.1开源使用! 
* php混淆工具:phpencry.wbox.top
* 
* 注意防骗:@HdsysCms 官方没授权任何个人机构合作,唯一收款抬头:《南宁火蝶科技有限公司》和官网显示客服唯一渠道客服,其它渠道以HdsysCms名义行为均骗子!
*
*/
	

defined('HDSYS_SET') or die("" . 'Not,This File Not Can in Ie Open');
class bs_lib
{
public static $URL_M;
public static $URL_C;
public static $URL_A;
public static function Include_Modules()
{
if (HDSYS_SET=='INDEX') {
isset($_GET['m'])==true ? self::$URL_M=$_GET['m'] : self::$URL_M='front';
isset($_GET['c'])==true ? self::$URL_C=$_GET['c'] : self::$URL_C='index';
isset($_GET['a'])==true ? self::$URL_A=$_GET['a'] : self::$URL_A='index';
} else {
isset($_GET['m'])==true ? self::$URL_M=$_GET['m'] : exit(bs_lib::Alerts('Error:URL参数错误', '错误URL参数错(M)误,没有找到入口模块.'));
isset($_GET['c'])==true ? self::$URL_C=$_GET['c'] : self::$URL_C='index';
isset($_GET['a'])==true ? self::$URL_A=$_GET['a'] : self::$URL_A=self::$URL_C;
}
self::$URL_M=safe_replace(self::$URL_M);
self::$URL_C=safe_replace(self::$URL_C);
self::$URL_A=safe_replace(self::$URL_A);
bs_lib::load_call_m(self::$URL_M, self::$URL_C, self::$URL_A);
}
public static function addslashes_array($string)
{
if (!is_array($string)) {
if (bs_lib::Bsphp_safe($string)==1) {
header('Content-Type: text/html; charset=utf-8');
echo '系统提示:为系统安全请勿输入屏蔽敏感关键字！' . $string;
exit;
}
return $string;
} else {
foreach ($string as $param_key=> $val) {
$string[$param_key]=bs_lib::addslashes_array($val);
if (bs_lib::Bsphp_safe($string[$param_key])==1) {
@header('Content-Type: text/html; charset=utf-8');
echo '系统提示:为系统安全请勿输入屏蔽敏感关键字！' . $string;
exit;
}
}
return $string;
}
}
public static function stripslashes_array($string)
{
if (!is_array($string)) {
return stripslashes($string);
}
foreach ($string as $param_key=> $val) {
$string[$param_key]=bs_lib::stripslashes_array($val);
}
return $string;
}
public static function load_call_m($param_m, $param_c, $param_a)
{
$param_File=HDSYS_DIR_SYS . 'include/' . $param_m . '/' . $param_c . '.modules.php';
if (!file_exists($param_File)) {
exit(bs_lib::Alerts('Error:控制入口错误', '需要引入php脚步文件不存在。<BR/>文件路径:' . $param_File));
}
include($param_File);
if (!class_exists($param_c)) {
exit(bs_lib::Alerts('Error:控制入口错误', "找不到入口点类, 类名:{$param_c}<BR/>文件路径:" . $param_File));
}
$param_new=new $param_c();
$param_a='call_' . $param_a;
if (false==method_exists($param_new, $param_a)) {
exit(bs_lib::Alerts('Error:控制入口错误', "需要函数入口不存在不存在,函数名:{$param_a}。<BR/>文件路径:" . $param_File));
}
$param_new->$param_a();
}
public static function load_modules_class($param_path, $file_name='')
{
$param_File=HDSYS_DIR_SYS . 'include/modules/' . $param_path . '/class/' . $file_name . '.class.php';
if (!file_exists($param_File)) {
exit(bs_lib::Alerts('Error:要引入类库文件不存在', '需要引入php脚步文件不存在。<BR/>文件路径:' . $param_File));
}
if (in_array($param_File, get_included_files())==false) {
include($param_File);
}
if (!empty($file_name)) {
return new $file_name();
}
return false;
}
public static function load_modules_common($param_path='', $file_name='')
{
if ($param_path=='') {
$param_path=self::$URL_M;
}
$param_File=HDSYS_DIR_SYS . 'include/modules/' . $param_path . '/common/' . $file_name . '*.function.php';
$param_File_ARRAY=glob($param_File);
foreach ($param_File_ARRAY as $param_filename) {
if (!file_exists($param_filename)) {
exit(bs_lib::Alerts('Error:要引入函数文件不存在', '需要引入php脚步文件不存在。<BR/>文件路径:' . $param_filename));
}
include($param_filename);
}
return ($param_File);
}
public static function load_libhdsys_class($param_path, $new_name='')
{
static $Class_object=array();
$param_File=HDSYS_DIR_LIB . 'class/' . $param_path . '.class.php';
$param_File_mad=md5($param_File);
if (isset($Class_object[$param_File_mad]['path'])) {
return $Class_object[$param_File_mad]['object'];
}
if (!file_exists($param_File)) {
exit(bs_lib::Alerts('Error:要引入类库文件不存在', '需要引入php脚步文件不存在。<BR/>文件路径:' . $param_File));
}
$Class_object[$param_File_mad]['path']=$param_File;
include($param_File);
if ($new_name=='') {
$new_name=$param_path;
}
$Class_object[$param_File_mad]['object']=new $new_name();
return $Class_object[$param_File_mad]['object'];
}
public static function load_libhdsys_common($param_path='')
{
$param_File=HDSYS_DIR_LIB . 'common/' . $param_path . '*.function.php';
$param_File_ARRAY=glob($param_File);
foreach ($param_File_ARRAY as $param_filename) {
if (!file_exists($param_filename)) {
exit(bs_lib::Alerts('Error:要引入函数文件不存在', '需要引入php脚步文件不存在。<BR/>文件路径:' . $param_filename));
}
if (in_array($param_filename, get_included_files())==false) {
include($param_filename);
}
}
}
public static function load_langs_array($param_path=null, $file_name=null)
{
$langs=self::$DIR_LANGS;
if ($param_path==null) {
$param_path=(string)self::$URL_M;
}
if ($file_name==null) {
$file_name=(string)self::$URL_C;
}
$param_file_path=BSPHP_DIR_SYS . 'include/langs/' . $langs . '/' . $param_path . '/' . $file_name . '.php';
if (!file_exists($param_file_path)) {
$param_file_path=BSPHP_DIR_SYS . 'include/langs/zh-cn/' . $param_path . "/" . $file_name . '.php';
}
if (!file_exists($param_file_path)) {
exit(bs_lib::Alerts('Error:要引入语言文件不存在', '需要引入php语言文件文件不存在。<BR/>文件路径:' . $param_file_path));
}
$param_file_path_array=include $param_file_path;
return $param_file_path_array;
}
public static function get_configs_value($param_path, $param_value=null)
{
static $param_Array=array();
if (isset($param_Array[$param_path])) {
if (empty($param_value)) {
return $param_Array[$param_path];
} elseif (isset($param_Array[$param_path][$param_value])) {
return stripslashes($param_Array[$param_path][$param_value]);
}
}
$param_File=HDSYS_DIR_SYS . 'cache/configs/' . $param_path . '.config.php';
if (file_exists($param_File)) {
$param_Array[$param_path]=include $param_File;
} else {
if (!is_dir(HDSYS_DIR_SYS . 'cache')) {
if (mkdir(HDSYS_DIR_SYS . 'cache', 0777, true));
}
if (!is_dir(HDSYS_DIR_SYS . 'cache/configs')) {
if (mkdir(HDSYS_DIR_SYS . 'cache/configs', 0777, true));
}
$param_db=bs_lib::load_libhdsys_class("" . 'db');
$param_sql="SELECT * FROM  `hdsys_sysconfig` WHERE  `sys_ini`='{$param_path}' LIMIT 1";
$param_ARR=$param_db->intelligence_array($param_sql);
if (!$param_ARR) {
return '';
}
$param_ARR['sys_val']=stripslashes($param_ARR['sys_val']);
$param_Arraycode=json_decode($param_ARR['sys_val'], 1);
$code=bs_lib::file_array_code($param_Arraycode);
$param_File=HDSYS_DIR_SYS . 'cache/configs/' . $param_ARR['sys_ini'] . '.config.php';
$param_tmp=file_put_contents($param_File, $code);
if (file_exists($param_File)) {
$param_Array[$param_path]=include $param_File;
} else {
return '';
}
}
if ($param_value==null) {
$param_Array=bs_lib::stripslashes_array($param_Array);
return ($param_Array[$param_path]);
} elseif (isset($param_Array[$param_path][$param_value])) {
$str=stripslashes($param_Array[$param_path][$param_value]);
return ($str);
} else {
return '';
}
}
public static function file_array_code($param_array)
{
$param_code_array_php="<?php   return array(";
foreach ($param_array as $param_value=> $param_key) {
$param_key=addslashes($param_key);
$param_code_array_php .="'$param_value'=>'$param_key',";
}
$param_code_array_php .=');  ?>';
return $param_code_array_php;
}
public static function Include_initialization()
{
require(HDSYS_DIR_DATA . 'Sql.Config.php');
}
public static function load_default_path($param_path=null)
{
if ($param_path==null) {
$param_path=self::$URL_C . '.' . self::$URL_A;
}
$DIR_TEMPLET=HDSYS_DIR_SYS . 'include/' . self::$URL_M . '/view/';
if (file_exists($DIR_TEMPLET . $param_path . '.view.php')) {
return ($DIR_TEMPLET . $param_path . '.view.php');
} else {
$default=HDSYS_DIR_SYS . 'include/' . self::$URL_M . '/view/' . $param_path . '.view.php';
if (file_exists($default)) {
return ($default);
} else {
exit(bs_lib::Alerts('Error:Html模板不存在', '系统没有找到Html的模板. 模板路径:' . $DIR_TEMPLET . $param_path . '.view.php'));
}
}
}
public static function Alerts($table, $text)
{
@header('Content-Type: text/html; charset=utf-8');
echo '<title>' . $table . '</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<div style="border: 1px dashed #cc0000;font-family:Tahoma;background-color:#FBEEEB;width:98%;padding:10px;color:#CC6600;"><strong>' . $table . '<BR/></strong><br>' . $text . '</div>';
exit;
}
public static function ShowMsg($table, $text)
{
@header('Content-Type: text/html; charset=utf-8');
if (bs_lib::get_configs_value('setup', 'dbug')==1) {
echo '<title>' . $table . '</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<div style=" font-size: 4vw;border: 1px dashed #00CC00;font-family:Tahoma;background-color:#CCFFCC;width:98%;padding:10px;color:#CC6600;"><strong>' . $table . '<BR/></strong><br>' . $text . '</div>';
exit;
} else {
echo '<title>错误已屏蔽请联系管理员</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<div style=" font-size: 4vw;border: 1px dashed #00CC00;font-family:Tahoma;background-color:#CCFFCC;width:98%;padding:10px;color:#CC6600;"><strong>' . $table . '<BR/></strong><br>当前上线模式无法查看错误,请在系统设置选择调试模式可见</div>';
exit;
}
}
public static function Bsphp_safe($param_str)
{
if ($param_str=='')
return (0);
if (preg_match('/^[a-zA-Z0-9\x80-\xff_+=%#&:\n\r\t\/\|.-]+$/', $param_str, $param_daata)) {
return (0);
}
if (preg_match('/select|insert|exec|replace|DATABASE|load_file|outfile|_admin|username|.db|database|outfile/i', $param_str)) {
return (1);
}
if (preg_match(
'/^(|(.*)group_concat(.*)|(.*)select(.*)from(.*)|(.*)update(.*)set(.*)|(.*)LIKE(.*)|(.*)"(.*)and(.*)|(.*)"(.*)"(.*)|(.*)\'(.*)\'(.*)|(.*)eval(.*)|(.*)and(.*)FROM(.*)|(.*)or(.*)form(.*)|(.*)NOTLIKE(.*)|(.*)NOT BETWEEN(.*)|(.*)INSERT(.*)INTO(.*)|(.*)NOTBETWEEN(.*)|(.*)BETWEEN(.*)|(.*)NOTIN(.*)|(.*)FORM(.*)|(.*)NOT IN(.*)|(.*)into(.*)|(.*)char(.*),(.*)|(.*)database(.*)\)(.*)|(.*)into(.*)FROM(.*)|(.*)union(.*)FROM(.*)|(.*)FROM(.*)null(.*)|(.*)update(.*)SET(.*)|(.*)delete(.*)FROM(.*)|(.*)update(.*)FROM(.*)|(.*)union(.*)all(.*)|(.*)union(.*))$/i',
$param_str,
$DATA
))
{
return (1);
}
$param_pattaern0="[,|INFORMATION_SCHEMA|CHARACTER_SETS|CHR|\|\||DaHm|END|;|CASE|THEN|index|NULL|--|space|ALL|EXP|NEQ|group_concat|EGT|ELT|OR|XOR|LIKE|NOT|FORM|into|union|\*|and|\(|\)|\"|'|select|insert|eval|\$_POST|\$_GET|exec|HashBytes|replace|DATABASE|select\*from|select\+sleep｜load_file|outfile|Admin_AdminUserName|Admin_AdminPassWord|_pattern_login|_cardseries|_pay_log|_rmb_pay_log|_bsphp_news|_bsphp_news_class|_links_session|_appinfo|database|outfile]";
$param_daata=array();
if (preg_match_all($param_pattaern0, $param_str, $param_daata)) {
$param_daata[0]=array_unique($param_daata[0]);
if (count($param_daata[0]) > 3) {
return (1);
}
}
return (0);
}
}
